Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Memory overlap with memcpy in _al_kcm_refill_stream #1051

Open
dos1 opened this issue May 5, 2019 · 1 comment

Comments

Projects
None yet
2 participants
@dos1
Copy link
Contributor

commented May 5, 2019

Happens when speeding up audio stream with al_set_audio_stream_speed.

=================================================================
==32568==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x62d00018a418,0x62d00018a424) and [0x62d00018a410, 0x62d00018a41c) overlap
    #0 0x7f528e510b25 in __interceptor_memcpy /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:737
    #1 0x7f528e135cf6 in _al_kcm_refill_stream ../addons/audio/kcm_stream.c:652
    #2 0x7f528e12cb9f in fix_looped_position ../addons/audio/kcm_mixer.c:231
    #3 0x7f528e12fd28 in read_to_mixer_linear_float_32 ../addons/audio/kcm_mixer.c:340
    #4 0x7f528e131334 in _al_kcm_mixer_read ../addons/audio/kcm_mixer.c:388
    #5 0x7f528e131334 in _al_kcm_mixer_read ../addons/audio/kcm_mixer.c:388
    #6 0x7f528e1367c2 in _al_voice_update ../addons/audio/kcm_voice.c:54
    #7 0x7f528e139d24 in pulseaudio_update ../addons/audio/pulseaudio.c:181
    #8 0x7f528e2010fd in thread_func_trampoline ../src/threads.c:80
    #9 0x7f528e274846 in thread_proc_trampoline ../src/unix/uxthread.c:44
    #10 0x7f528d289a91 in start_thread (/usr/lib/../lib/libpthread.so.0+0x7a91)
    #11 0x7f528d3a9cd2 in __clone (/usr/lib/libc.so.6+0xfacd2)

0x62d00018a418 is located 16408 bytes inside of 32816-byte region [0x62d000186400,0x62d00018e430)
allocated by thread T9 here:
    #0 0x7f528e5c35a1 in __interceptor_calloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cc:95
    #1 0x7f528e1fb1a5 in al_calloc_with_context ../src/memory.c:83
    #2 0x7f528e1345b5 in al_create_audio_stream ../addons/audio/kcm_stream.c:118
    #3 0x7f528e11bc94 in _al_load_ogg_vorbis_audio_stream_f ../addons/acodec/ogg.c:505
    #4 0x7f528e11b916 in _al_load_ogg_vorbis_audio_stream ../addons/acodec/ogg.c:447
    #5 0x7f528e129e44 in al_load_audio_stream ../addons/audio/audio_io.c:315
    #6 0x7f526a537cf9 in Gamestate_Load ../../src/gamestates/frozen.c:1085
    #7 0x7f528e3703ce in GamestateLoadingThread ../../libsuperderpy/src/internal.c:273
    #8 0x7f528e201181 in detached_thread_func_trampoline ../src/threads.c:94
    #9 0x7f528e274846 in thread_proc_trampoline ../src/unix/uxthread.c:44
    #10 0x7f528d289a91 in start_thread (/usr/lib/../lib/libpthread.so.0+0x7a91)
    #11 0x7f528d3a9cd2 in __clone (/usr/lib/libc.so.6+0xfacd2)

Thread T6 created by T0 here:
    #0 0x7f528e5236d5 in __interceptor_pthread_create /build/gcc/src/gcc/libsanitizer/asan/asan_interceptors.cc:202
    #1 0x7f528e27497d in _al_thread_create ../src/unix/uxthread.c:65
    #2 0x7f528e201273 in al_create_thread ../src/threads.c:124
    #3 0x7f528e13a150 in pulseaudio_allocate_voice ../addons/audio/pulseaudio.c:283
    #4 0x7f528e136937 in al_create_voice ../addons/audio/kcm_voice.c:90
    #5 0x7f528e36fbcb in SetupAudio ../../libsuperderpy/src/internal.c:191
    #6 0x7f528e37cfe7 in libsuperderpy_init ../../libsuperderpy/src/libsuperderpy.c:343
    #7 0x55fac8b0f3aa in main ../../src/main.c:39
    #8 0x7f528d2d2ce2 in __libc_start_main (/usr/lib/libc.so.6+0x23ce2)

Thread T9 created by T0 here:
    #0 0x7f528e5236d5 in __interceptor_pthread_create /build/gcc/src/gcc/libsanitizer/asan/asan_interceptors.cc:202
    #1 0x7f528e27497d in _al_thread_create ../src/unix/uxthread.c:65
    #2 0x7f528e20136e in al_run_detached_thread ../src/threads.c:154
    #3 0x7f528e382928 in MainloopTick ../../libsuperderpy/src/mainloop.c:336
    #4 0x7f528e382928 in libsuperderpy_mainloop ../../libsuperderpy/src/mainloop.c:489
    #5 0x7f528e3800d8 in libsuperderpy_run ../../libsuperderpy/src/libsuperderpy.c:450
    #6 0x55fac8b0f436 in main ../../src/main.c:59
    #7 0x7f528d2d2ce2 in __libc_start_main (/usr/lib/libc.so.6+0x23ce2)

0x62d00018a410 is located 16400 bytes inside of 32816-byte region [0x62d000186400,0x62d00018e430)
allocated by thread T9 here:
    #0 0x7f528e5c35a1 in __interceptor_calloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cc:95
    #1 0x7f528e1fb1a5 in al_calloc_with_context ../src/memory.c:83
    #2 0x7f528e1345b5 in al_create_audio_stream ../addons/audio/kcm_stream.c:118
    #3 0x7f528e11bc94 in _al_load_ogg_vorbis_audio_stream_f ../addons/acodec/ogg.c:505
    #4 0x7f528e11b916 in _al_load_ogg_vorbis_audio_stream ../addons/acodec/ogg.c:447
    #5 0x7f528e129e44 in al_load_audio_stream ../addons/audio/audio_io.c:315
    #6 0x7f526a537cf9 in Gamestate_Load ../../src/gamestates/frozen.c:1085
    #7 0x7f528e3703ce in GamestateLoadingThread ../../libsuperderpy/src/internal.c:273
    #8 0x7f528e201181 in detached_thread_func_trampoline ../src/threads.c:94
    #9 0x7f528e274846 in thread_proc_trampoline ../src/unix/uxthread.c:44
    #10 0x7f528d289a91 in start_thread (/usr/lib/../lib/libpthread.so.0+0x7a91)
    #11 0x7f528d3a9cd2 in __clone (/usr/lib/libc.so.6+0xfacd2)

SUMMARY: AddressSanitizer: memcpy-param-overlap /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:737 in __interceptor_memcpy
==32568==ABORTING
@fatcerberus

This comment has been minimized.

Copy link
Contributor

commented May 6, 2019

I guess the fix would be to use memmove here instead.

dos1 added a commit to dos1/allegro5 that referenced this issue May 12, 2019

audio: use memmove instead of memcpy in _al_kcm_refill_stream
The ranges can overlap there, which memcpy can't handle.

Closes liballeg#1051

dos1 added a commit to dos1/allegro5 that referenced this issue May 12, 2019

audio: use memmove instead of memcpy in _al_kcm_refill_stream
The ranges can overlap there, which memcpy can't handle.

Closes liballeg#1051

SiegeLord added a commit to SiegeLord/allegro5 that referenced this issue May 12, 2019

Fix _al_kcm_refill_stream in cases where stream speed caused spl->pos…
… to overshoot.

Previously, this would result in us copying some garbage to the
beginning of the new buffer, since the logic was sourcing samples
relative to the overshot spl->pos, rather than the real end of the
buffer.

While I was at it, I fixed a super-rare situation where the speed is so
high that multiple buffers need to be updated. I only fixes it in the
mixer code, not the voice code. The latter is essentially deprecated
anyway, one should always use a mixer before a voice.

Fix liballeg#1051.

dos1 added a commit to dos1/allegro5 that referenced this issue May 12, 2019

Fix _al_kcm_refill_stream in cases where stream speed caused spl->pos…
… to overshoot.

Previously, this would result in us copying some garbage to the
beginning of the new buffer, since the logic was sourcing samples
relative to the overshot spl->pos, rather than the real end of the
buffer.

While I was at it, I fixed a super-rare situation where the speed is so
high that multiple buffers need to be updated. I only fixes it in the
mixer code, not the voice code. The latter is essentially deprecated
anyway, one should always use a mixer before a voice.

Fix liballeg#1051.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.